WordPress Demo Awesome Plugin <= 1.0.2 is vulnerable to Broken Access Control

Software Demo Awesome Type Plugin Vulnerable versions = 1.0.2 Fixed in 1.0.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37207 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 678378443c06 Credits Abdi Pranata Required privilege...

WordPress Consulting Elementor Widgets Plugin <= 1.3.0 is vulnerable to Remote Code Execution (RCE)

Software Consulting Elementor Widgets Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A3: Injection Classification Remote Code Execution RCE CVE CVE-2024-37091 Patch priority Medium CVSS severity Medium 9.9 Developer Claim ownership PSID 9000e26ba1f3 Credits Rafie Muhammad...

WordPress WishList Member X Plugin < 3.26.7 is vulnerable to Arbitrary File Deletion

Software WishList Member X Type Plugin Vulnerable versions 3.26.7 Fixed in 3.26.7 OWASP Top 10 A1: Broken Access Control Classification Arbitrary File Deletion CVE CVE-2024-37108 Patch priority High CVSS severity High 7.7 Developer Claim ownership PSID 544b49cbebea Credits Dave Jong Patchstack...

WordPress Master Slider Plugin <= 3.10.0 is vulnerable to Cross Site Scripting (XSS)

Software Master Slider Type Plugin Vulnerable versions = 3.10.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37222 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 90295bc054b8 Credits Rafie Muhammad Patchstack Required...

Exploit for Improper Authentication in Elementor Website_Builder

CVE-2023-47504 POC Exploit for CVE-2023-47504. According to N...

WordPress Page Builder: Live Composer plugin <= 1.5.42 - Contributor+ Shortcode Cross Site Scripting (XSS) vulnerability

Contributor+ Shortcode Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Page Builder: Live Composer versions = 1.5.42...

WordPress Hueman theme <= 3.7.24 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Hueman versions = 3.7.24...

WordPress Slideshow SE plugin <= 2.5.20 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Slideshow SE versions = 2.5.20...

WordPress Squeeze plugin <= 1.4 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by YCInfosec Patchstack Alliance in WordPress Plugin Squeeze versions = 1.4...

WordPress Excellent theme <= 1.2.9 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Theme Excellent versions = 1.2.9...

WordPress Serious Slider plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Serious Slider versions = 1.2.4...

WordPress Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.4.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by NGÔ THIÊN AN Patchstack Alliance in WordPress Plugin Online Booking & Scheduling Calendar for WordPress by vcita versions = 4.4.0...

WordPress WP Job Portal plugin <= 2.1.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LuxF0z Patchstack Alliance in WordPress Plugin WP Job Portal versions = 2.1.3...

WordPress Interface theme <= 3.1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Theme Interface versions = 3.1.0...

WordPress Easy Age Verify plugin <= 1.8.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Huynh Tien Si Patchstack Alliance in WordPress Plugin Easy Age Verify versions = 1.8.2...

WordPress Tooltip CK plugin <=2.2.15 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Cronus Patchstack Alliance in WordPress Plugin Tooltip CK versions = 2.2.15...

WordPress TemplatesNext OnePager plugin <= 1.3.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin TemplatesNext OnePager versions = 1.3.3...

WordPress Stellissimo Text Box plugin 1.1.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Cronus Patchstack Alliance in WordPress Plugin Stellissimo Text Box versions = 1.1.4...

WordPress Woody code snippets plugin <= 2.5.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Savphill Patchstack Alliance in WordPress Plugin Woody ad snippets versions = 2.5.0...

WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - SQL Injection vulnerability

SQL Injection vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Responsive Image Gallery, Gallery Album versions = 2.0.3...